Use Advanced Security Methods to Protect Your Gmail Account

Gmail has introduced Advanced Security Features which you can use to protect your Gmail account more effectively. The implementation offers three different types of methods for a 2 step verification.

With the new features, you can secure your account more proactively.

You can implement the new security features in the following ways:

1. Using a security key

2. Using Authenticator App

3. Backup codes

We will discuss in this article about all the three advanced security methods.

First, order a Yubikey! Any Yubikey will do; we recommend the blue one because it's cheapest. You can buy it for $18 on Amazon:

Once you have a Yubikey, log in to your Gmail using Chrome browser on a laptop or desktop, and click on the round icon in the upper right side of the page to go to your account settings:

A pane will open with a blue 'My Account' button. Click it.

On the account page, find the section called "Sign-in & security", and click on the first link—"Signing in to Google":

If you haven't previously provided it, Google will now ask you for your phone number. This step is mandatory to unlock the other two-factor options. (We'll take the phone number off in a later step.)

Enter a phone number you have access to, click "next", and type in the code Google sends you:

Once you've verified a phone number, you'll see this 2-step verification screen:

Scroll down the list of options to the one called "Security Key":

Click the "add security key" link. Google will now prompt you to insert your key:

Plug the key into any USB port, with the gold disk facing upwards. If you're on a newer mac, you may have to use a USB adapter.

If you did this right, a light in the gold disk should start flashing.

Press your fingertip against the gold circle until it stops flashing. (If you have longer fingernails, you may need to wiggle your finger a bit, or press harder.)

Once Google accepts your key, you'll see a checkmark. You can now take the Yubikey out of the USB port (there's no need to unmount it like a flash drive).

If you want, at this point you can give your security key a name—this is useful if you add more keys to the account later, as a backup.

You've added a security key to your account!

Now let's add some backup methods in case you lose the key, or don't have it with you. The first one we'll install is an app that lives on your phone.

On your phone, download and install the Google Authenticator app:

Back in your browser, scroll down the list of options until you see "Authenticator App". Click the Set Up link:

Google will ask you what type of phone you use, and then display a QR code on your screen.

Open the authenticator app on your phone, and click the 'plus' sign. It may ask you for permission to use the camera. Give it permission, and scan the QR code.

You'll see a six-digit number, which changes every minute or so.

Google will ask you to enter this six-digit code. If all goes well, you'll be back at the 2-Step Verification screen, now with three things configured:

Google is now set up to accept three kinds of second factors: our security key, a code from the authenticator app, or a text message.

We're going to add one more backup method, in case we lose both our security key and our phone. Scroll down to 'Backup codes' and click 'set up'.

You'll see a list of ten numeric codes. These are single-use codes that will let you into your Google account. Print them and put them somewhere safe. Don't store them on your computer, or in your password manager. If you carry them with you, put them in your wallet rather than in your laptop bag.

Now we need to remove our phone number as backup method. (If you're curious why it's important to not have a phone number on your account.

Click the pencil icon on the right of the phone number, and you'll see a confirmation screen:

click the 'remove' button. (If you have multiple phone numbers on your account, delete all of them.)

You have just secured your Gmail account!

This should be your final configuration:

TEST DRIVE-

Now let's try logging in, with and without the security key:

1.Open an incognito window in Chrome (make sure there are no other incognito windows open), and try logging in to your Gmail. It will ask you for your password as usual, and then it should prompt you for your security key.

2. Insert the key like you did during setup, and press the gold disk until it stops flashing.

3. You should now be logged in to your email.

4. Now let's test logging in without the key. Close the incognito window, open a fresh one, and log in to Gmail again. This time, instead of inserting the key, click the 'try another way to sign in' link at the bottom:

5. Choose the Google Authenticator option:

6. On your phone, open the Authenticator app, and type the code into Chrome.

7. You should now be logged in to your Gmail.